package com.supermap.shiro.config.shiro;

import com.supermap.shiro.common.MD5;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;

/**
 * @author xiaolu
 * @date 2018/7/2 上午10:15
 */
public class AuthCredentialsMatcher extends SimpleCredentialsMatcher {

    /**
     * 权限验证
     *
     * @param token
     * @param info
     * @return
     */
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        UsernamePasswordToken utoken = (UsernamePasswordToken) token;
        //获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
        String inPassword = new String(utoken.getPassword());
        //获得数据库中的密码
        String dbPassword = (String) info.getCredentials();
        //进行密码的比对
        return dbPassword != null && this.equals(MD5.encode(inPassword), dbPassword);
    }

}
